Lucene search
K

246 matches found

vulnrichment
vulnrichment
added 2024/11/21 1:30 a.m.15 views

CVE-2024-52797 Searching Opencast may cause a denial of service

Opencast is free and open source software for automated video capture and distribution. First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11....

6.5CVSS6.8AI score0.00884EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/11/21 12:0 a.m.6 views

Opencast 安全漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast that stems from generating syntactically invalid Elasticsearch query statements, which can lead to a denial of...

7.5CVSS6.4AI score0.00884EPSS
Exploits0References5
osv
osv
added 2024/11/20 10:46 p.m.5 views

GHSA-JH6X-7XFG-9CQ2 Searching Opencast may cause a denial of service

Impact First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11.4 and newer, Elasticsearch queries are retried a configurable number of times in...

6.5CVSS5.8AI score0.00884EPSS
Exploits0References7
github
github
added 2024/11/20 10:46 p.m.33 views

Searching Opencast may cause a denial of service

Impact First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11.4 and newer, Elasticsearch queries are retried a configurable number of times in...

7.5CVSS6.5AI score0.00884EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2023/12/12 5:15 p.m.27 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.5CVSS0.00829EPSS
Exploits0References4
osv
osv
added 2023/12/12 5:15 p.m.14 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.5CVSS7.2AI score
Exploits0References4
prion
prion
added 2023/12/12 5:15 p.m.21 views

Design/Logic Flaw

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

5CVSS7.5AI score0.00829EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2023/12/12 12:0 a.m.30 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.7AI score0.00829EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2023/12/12 12:0 a.m.5 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.1AI score0.00829EPSS
Exploits0References4
cve
cve
added 2023/12/12 12:0 a.m.75 views

CVE-2018-16153

CVE-2018-16153 affects Opencast 4.x–10.x prior to 10.6, where authentication attempts to external services may transmit system digest credentials. The issue arises when Opencast sends credentials during authentication against arbitrary external services inside some workflows, potentially exposing...

7.5CVSS7.6AI score0.00829EPSS
Exploits0References4Affected Software1
cnnvd
cnnvd
added 2023/12/12 12:0 a.m.8 views

Opencast Security Vulnerabilities

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions 4.x through 10.x prior to 10.6, which originates from sending system digest credentials during an...

7.5CVSS7AI score0.00829EPSS
Exploits0References5
openvas
openvas
added 2022/12/02 12:0 a.m.8 views

Opencast < 12.5 Open Redirect Vulnerability

Opencast is prone to an open redirect vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.00347EPSS
Exploits0References1
osv
osv
added 2022/11/30 9:22 p.m.26 views

GHSA-R3QR-VWVG-43F7 Authenticated OpenRedirect Vulnerability

Description Prior to Opencast 12.5 Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. Impact The vulnerability allows attackers to redirect users to sites outside of your Opencast install, potentially facilitating phishing attacks or other...

6.1CVSS5.8AI score0.00347EPSS
Exploits0References4
github
github
added 2022/11/30 9:22 p.m.29 views

Authenticated OpenRedirect Vulnerability

Description Prior to Opencast 12.5 Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. Impact The vulnerability allows attackers to redirect users to sites outside of your Opencast install, potentially facilitating phishing attacks or other...

6.1CVSS6.1AI score0.00347EPSS
Exploits0References4Affected Software1
veracode
veracode
added 2022/11/29 2:41 a.m.16 views

Open Redirect

Opencast is vulnerable to open redirect. The vulnerability exists due to improper sanitization of user-supplied data which allows an attacker to redirect the user to an arbitrary website...

6.1CVSS6.2AI score0.00347EPSS
Exploits0References2Affected Software2
nvd
nvd
added 2022/11/28 9:15 p.m.23 views

CVE-2022-41965

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

6.1CVSS0.00347EPSS
Exploits0References2
prion
prion
added 2022/11/28 9:15 p.m.14 views

Double free

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

5.8CVSS6.1AI score0.00347EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2022/11/28 12:0 a.m.5 views

Opencast 输入验证错误漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. An input validation error vulnerability exists in versions of Opencast prior to 12.5. An attacker could exploit this vulnerability to redirect users to a...

6.1CVSS6.2AI score0.00347EPSS
Exploits0References3
cvelist
cvelist
added 2022/11/28 12:0 a.m.24 views

CVE-2022-41965 Opencast Authenticated OpenRedirect Vulnerability

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

5.7CVSS6.3AI score0.00347EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/11/28 12:0 a.m.3 views

PT-2022-26189 · Opencast · Opencast

Name of the Vulnerable Software and Affected Versions: Opencast versions prior to 12.5 Description: The vulnerability in Opencast's Paella authentication page allows attackers to redirect authenticated users to arbitrary URLs, potentially facilitating phishing attacks or other security issues. Th...

6.1CVSS6.2AI score0.00347EPSS
Exploits0References7
Rows per page
Query Builder